Creeper ransomware

September 12, 2018

What is Creeper

Creeper ransomware – malicious cryptovirus which is still actively infecting PC users with new versions. The latest appeared on August 2018.

Creeper ransomware is a file-encrypting cyber infection, which seeks to lock personal files on victim’s PC using a sophisticated AES encryption algorithm and then appending .creeper or .crypton file extension. The ransom note used to demand a ransom for a personal decryption key is called either DECRIPT_MY_FILES.txt or DECRIPT_FILES.txt.The distinguishing mark of the virus is a skgrhk2018@tutanota.com email address used to contact the developers of this virus.

Creeper ransomware

Typically, hackers are requesting to send them a unique code that is indicated on a ransom note. The ransom message displayed by Creeper ransomware reads the following:

In the text file, the ransomware does not indicate the particular amount of the ransom. The size of the redemption depends on how fast the victim reacts to the current situation. If the victim contacts the developers of the Creeper virus in two days or less, he or she will be asked to pay 3 Monero coins, which is currently more than 800 USD. The price for those who respond within 3-5 days increases to 5 Monero coins, while the absolute deadline is six days. According to crooks, in 6 days the Creeper decryptor is permanently deleted.

Download Removal Toolto remove Creeper

All information related to this virus is originally written in English, so experts speculate that it’s oriented to English-speaking users. Since English is a universal language, the prevalence of this crypto-extortionists is expected to be large.

Despite the fact that this file-encrypting virus is not yet decryptable, we strongly encourage you to remove Creeper using , , Anti-MalwareNorton Internet Security or another reputable anti-virus. You should not pay the ransom due to two important reasons – money loss and future attacks. You can never know whether the felons creating ransomware virus are conscientious. They may not store a decryptor at all, so after transferring Monero, they may not send you a decryptor or send the one that is not working. Besides, paying the ransom is not a decent move as you will motive crooks to keep initiating their shady activities.

If you are not aware how to initiate Creeper removal or the ransomware keeps blocking your anti-virus continuously, you can follow the instructions provided at the end of this article. You will also find several alternative methods that can help you to decrypt files encrypted by Creeper virus.

How does Creeper works

According to the latest reports, the usage of drive-by download attacks and exploit kits for ransomware distribution are falling since 2017. Although some major attacks via RIG EK and other exploit kits have been revealed through the last year, the numbers are decreasing leaving malspam campaigns as the primary distributor of the file-encrypting virus.

However, the revelation of such a tendency does not mean that PC users can stop being careful with suspicious ads or start surfing on illegal and potentially dangerous websites. Precautionary measures have to be in mind all the time because hackers the old virus distribution methods are often refined coming back with the new strength.

One malware distribution strategy seems to be stable – that’s spam emails. Hackers use various bots (Necurs most frequently) to disseminate tricky email messages with malicious email attachments. Such messages can mimic various authorities and indicate an attachment as invoice, report, or another official document. Usually, such attachments require to enable Macros and, if the potential victim, does that, he or she unintentionally activates the ransomware.

Download Removal Toolto remove Creeper

To protect yourself from similar cyber attacks, experts from recommend you to keep a reputable anti-virus activated and update it regularly. Besides, avoid interaction with any content that looks suspicious to you. Although people often have a presentiment about email attachments or fake ads on the internet, curiosity often overcomes the fair of getting their PCs infected.

How to delete Creeper

Creeper removal can hardly be initiated without the assistance of the anti-virus tool. Unlike less dangerous viruses, ransomware is known for initiating multiple system’s changes, including corruption of Registry Entries.The problem is that you may not be able to remove Creeper virus with the help of an anti-virus. It may prevent the anti-malware tool from being launched and block the installation of a new one. In this kind of situation, you should initiate the steps that are given below.

Once you eliminate Creeper ransomware from the system, you should try to recover your files from Shadow Volume Copies, previous Windows version or use additional data recovery tools. Those who have file backups should skip data recovery steps and go ahead to the recovery from backups.

Stage 1: Delete Browser Extension

First of all, we would recommend that you check your browser extensions and remove any that are linked to Creeper. A lot of adware and other unwanted programs use browser extensions in order to hijacker internet applications.

Remove Creeper Extension from Google Chrome

  1. Launch Google Chrome.
  2. In the address bar, type: chrome://extensions/ and press Enter.
  3. Look for Creeper or anything related to it, and once you find it, press ‘Remove’.

Uninstall Creeper Extension from Firefox

  1. Launch Mozilla Firefox.
  2. In the address bar, type: about:addons and press Enter.
  3. From the menu on the left, choose Extensions.
  4. Look for Creeper or anything related to it, and once you find it, press ‘Remove’.

Delete Creeper Extension from Safari

  1. Launch Safari.
  2. Press on the Safari Settings icon, which you can find in the upper-right corner.
  3. Select Preferences from the list.
  4. Choose the Extensions tab.
  5. Look for Creeper or anything related to it, and once you find it, press ‘Uninstall’.
  6. Additionally, open Safari Settings again and choose Downloads.
  7. If Creeper.safariextz appears on the list, select it and press ‘Clear’.

Remove Creeper Add-ons from Internet Explorer

  1. Launch Internet Explorer.
  2. From the menu at the top, select Tools and then press Manage add-ons.
  3. Look for Creeper or anything related to it, and once you find it, press ‘Remove’.
  4. Reopen Internet Explorer.In the unlikely scenario that Creeper is still on your browser, follow the additional instructions below.
  5. Press Windows Key + R, type appwiz.cpl and press Enter
  6. The Program and Features window will open where you should be able to find the Creeper program.
  7. Select Creeper or any other recently installed unwanted entry and press ‘Uninstall/Change’.

Alternative method to clear the browser from Creeper

There may be cases when adware or PUPs cannot be removed by simply deleting extensions or codes. In those situations, it is necessary to reset the browser to default configuration. In you notice that even after getting rid of weird extensions the infection is still present, follow the below instructions.

Use Chrome Clean Up Tool to Delete Creeper

  1. Launch Google Chrome.
  2. In the address box, type: chrome://settings/ and press Enter.
  3. Expand Advanced settings, which you can find by scrolling down.
  4. Scroll down until you see Reset and Cleanup.
  5. Press on Clean up computer. Then press Find.

This Google Chrome feature is supposed to clear the computer of any harmful software. If it does not detect Creeper, go back to the Clean up computer and reset settings.

Reset Mozilla Firefox to Default

If you still find Creeper in your Mozilla Firefox browser, you should be able to get rid of it by restoring your Firefox settings to default. While extensions and plug-ins will be deleted, this will not touch your browser history, bookmarks, saved passwords or Internet cookies.

  1. Launch Mozilla Firefox
  2. Into the address box, type: about:support and press Enter.
  3. You will be redirected to a Troubleshooting Information page.
  4. From the menu on the right side, select Refresh Firefox.
  5. Confirm your choice by clicking Refresh Firefox in the new window.
  6. Your browser will close automatically in order to successfully restore the settings.
  7. Press Finish.

Reset Safari Browser to Normal Settings

  1. Launch Safari.
  2. Press on the Safari Settings icon, which you can find in the upper-right corner.
  3. Press Reset Safari.
  4. A new window will appear. Select the boxes of what you want to reset or use the screenshot below to guide you. Once you have selected everything, press ‘Reset’.
  5. Restart Safari.

Restore Internet Explorer to Default Settings

  1. Launch Internet Explorer.
  2. From the top menu, press on Tools and then Internet Options.
  3. In the new window that opens, choose the Advanced tab.
  4. At the bottom of the window, below Reset Internet settings, there will be a ‘Reset’ button. Press that.

While extensions and plug-ins will be deleted, this will not touch your browser history, bookmarks, saved passwords or Internet cookies.

Leave a Reply

Your email address will not be published. Required fields are marked *

*